JakeHillion/nixos
1
0
Fork 0
Code Issues 10 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

matrix: move backups to self-hosted restic
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Jake Hillion 2023-07-03 21:13:11 +01:00
parent 25a49899af
commit ca1c83a8f6
5 changed files with 5 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
modules/backups/matrix.nix
View File

@ -9,14 +9,7 @@ in
};
config = lib.mkIf cfg.enable {
age.secrets = {
"backblaze/vm-strangervm-backups-matrix" = {
file = ../../secrets/backblaze/vm-strangervm-backups-matrix.age;
};
"restic/b2-backups-matrix" = {
file = ../../secrets/restic/b2-backups-matrix.age;
};
};
age.secrets."backups/matrix/restic/128G".file = ../../secrets/restic/128G.age;
services = {
postgresqlBackup = {
@ -29,17 +22,10 @@ in
user = "root";
timerConfig = {
OnCalendar = "03:00";
RandomizedDelaySec = "30m";
RandomizedDelaySec = "60m";
};
repository = "b2:hillion-personal:backups/matrix";
pruneOpts = [
"--keep-daily 14"
"--keep-weekly 5"
"--keep-monthly 24"
"--keep-yearly 10"
];
passwordFile = config.age.secrets."restic/b2-backups-matrix".path;
environmentFile = config.age.secrets."backblaze/vm-strangervm-backups-matrix".path;
repository = "rest:http://restic.tywin.storage.ts.hillion.co.uk/128G";
passwordFile = config.age.secrets."backups/matrix/restic/128G".path;
paths = [
"${config.services.postgresqlBackup.location}/matrix-synapse.sql"
config.services.matrix-synapse.dataDir

21
secrets/backblaze/vm-strangervm-backups-matrix.age
View File

@ -1,21 +0,0 @@
age-encryption.org/v1
-> ssh-rsa GxPFJQ
WhDI83oNZ+aWNTHMEvSqGHCCZrdSV4LLjWK4zWivRmdJA2BHVtAvFpZAnjkvEB3+
qP3Ax94hE0mW9wHGqEVx0qO9yRRygfXobGXiI0q7hFT3a3TMT2Qkpk3nsrpsBYnT
pStKnoPl5PCMIZkXzP/ITf/YF9l7m5fhv9PLK6qFJCFDlQvkiVyooQyfOsCCZgsY
CQCfAIwIlOxhglNUdkurY9r3nSBwuNiNcP5E0s6/MttMqqDsfXEoEV/bnGL13dso
fgPs64cTp4HFgnvYV5/iIsKtQKPmeSeDL8wCpr+w8kmMzqDN8Hj6WSlev6V9REjd
cOpXlGEJNM5h8n83RB45Dw
-> ssh-rsa K9mW1w
D5sBg2jWNJZ4kAVSKri5xTThWW5zAIrVY9cUJCDN/IiKczcRB73lvtHkB4u21QvX
zdwSFx4b2E/dpBwtoQhlEDzkJeMnSpyh1Xg/iBmASxWI6W95p7jHgyNwV3OBI1FL
dn9u2DlDvpDOIAmc5bgh8rUIm9zVxkMq4EpVkuGPjXmhRceq992xpnaNZIGYKV/h
3tnJnh2ukCBajcI28qf2L1dULtocBOsi9Z24cAlE+MC83dRZruMoOn9TfK5kMFSn
z6JQBKVYF47vzUrXGhqGBwR/Wqc1K/EBBswTNaHohc0QIe+lESR35Fb/E5cV8fjp
BTAEcTN2n39dHT9GL3LZyw
-> ssh-ed25519 O0LMHg 9jE7L7hfVxtdpDjGSDF6BoXw1bsyI0R4TzB1y7mNmRs
jZk3tmzBsm/GYmVRNGsceOrsfoRBmrEcbbjgerHWd+U
-> wj-grease ?,}i I-Y=m6eQ
4MuyPrf3WvfSrMo
--- hmWTaqpQq9Ew4epCqcB4gMyQ3nGv5dQfkfJuBH6+3wM
W­möÛæÇV¹ë×,qŽP÷•ê n1iä7çÚ¦IQ÷è3´LU°¤u™¨¥d¸¸…å~²áf˜ÆEh‰DcÍZ€œŸ<C593>¾® ¬P“dÙºûð÷gn1aÄÆöÅÚúÙ(ÏÿŠÒ"ŒðàÀé6B¸ðÄH

BIN
secrets/restic/128G.age
View File

Binary file not shown.

22
secrets/restic/b2-backups-matrix.age
View File

@ -1,22 +0,0 @@
age-encryption.org/v1
-> ssh-rsa GxPFJQ
XikDLzkJ9y9/P2LrZvgo0Jsc3Wpc6+aCXPn2Y0v20X1zJdzbXaRhzmK88Lsp9FKJ
zMrJQ8vl4oOEuVHdk5kiWnh2VBQ6Gy1t2eu6IA4UxWAp5gnC0bkwghFpQ2P9Hhk7
kchH+CA3vag6C3ESqcT0Z0yUiGy+HafUexar9u5vkKqYhaiXUFN4FwVUa/OxOc+6
mHMR0rXBhCcSeV4cE3CI/77kJVvGE1aVegl4E/k6iC4btAXgMwyagj1917zNC+2f
WU1oX3PtJFsfmnAAtgYCuW9cEGfZs24b1675L2WAdd9DuxRlhBynx7Mqe0Eiq3lw
5Hlhj2stO5EIHnCCzbZg/Q
-> ssh-rsa K9mW1w
KYWWAMNw0ciyYQh2Z2t9AhCgLxSmGySfn6xHYOORnUADaInxQ1QEw9lwD/z3ih/w
ejMOprBNh/pj3Sf5OAvcrwJWvnhB5bpqeAL57T2Zn2qti66+eeGulWGi1djEYkMi
tUsrMpRqHu3IL/b+uNLnsTAJbqcmcKd9xV+fdaPdjmjPkFw4Zw0XHv73+k0O8hy1
3SEipg58NGE3Kf1dFJJzchESpQbAf2P/5KMr/Vlpe7V0ZYVU+NVw2DkZ98/yQ4MB
OLz7PRrKaDJg7inhzNykEn/qUKIrVLzj/vGxjQoTwPPh/2kr7uTrQi88vp70qzT1
3+0i3G4xH1ofaO7k3ZBJgQ
-> ssh-ed25519 O0LMHg FiNbHlsFLauxblKajWduy3unKF/W4LAUnjrxv0dNDm0
2909ULi3BHj83/T+dbKKs9JnYN8UaY8T1OuftP/JMeM
-> dTy-grease 0'NL[zt4
w4mcexMewxjkp7dvG81W/zd5v7cVfU6YOtPOmN3Yiy3k2zFMGmzDat4fIeGk22XR
kbKEC2Y/KqQTfAmfeNW3cAw+hT7/5XxIU6FqWjgD
--- PdzYPRqT+C56MmIVugGUvdigUblq+rTiDTfVEJYK3qk
hA<EFBFBD>˜¢¦m}Ѭ<C391>ô!püÐN,m(¦åú¸=:îŸÕ-К±<C5A1>ìÐÔ!·{-i½äEÀ'¼|<7C>…3

6
secrets/secrets.nix
View File

@ -59,12 +59,8 @@ in
"matrix/matrix.hillion.co.uk/macaroon_secret_key.age".publicKeys = jake_users ++ [ ts.strangervm.vm ];
"matrix/matrix.hillion.co.uk/email.age".publicKeys = jake_users ++ [ ts.strangervm.vm ];
# Backblaze Secrets
"backblaze/vm-strangervm-backups-matrix.age".publicKeys = jake_users ++ [ ts.strangervm.vm ];
# Backups Secrets
"restic/b2-backups-matrix.age".publicKeys = jake_users ++ [ ts.strangervm.vm ];
"restic/128G.age".publicKeys = jake_users ++ [ ts.storage.tywin ];
"restic/128G.age".publicKeys = jake_users ++ [ ts.storage.tywin ts.strangervm.vm ];
"restic/1.6T.age".publicKeys = jake_users ++ [ ts.storage.tywin ];
"git/git_backups_ecdsa.age".publicKeys = jake_users ++ [ ts.storage.tywin ];